diff --git a/common/src/ssl_utils.cpp b/common/src/ssl_utils.cpp index 7a255f7..785ab48 100644 --- a/common/src/ssl_utils.cpp +++ b/common/src/ssl_utils.cpp @@ -440,19 +440,11 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len, } len = (size_t)buff[pos]; pos += 1 + len; - /* ssl 3.0, no extensions */ - if(_chello->min_version.major == 3 && _chello->min_version.minor == 0) + /* no extensions */ + if(pos == buff_len) { - if(pos == buff_len) - { - *result = CHELLO_PARSE_SUCCESS; - return _chello; - } - else - { - *result = CHELLO_PARSE_INVALID_FORMAT; - return _chello; - } + *result = CHELLO_PARSE_SUCCESS; + return _chello; } /* Extensions */ if (pos + 2 > buff_len) diff --git a/conf/kni.conf b/conf/kni.conf index e6e136c..781a35f 100644 --- a/conf/kni.conf +++ b/conf/kni.conf @@ -1,15 +1,45 @@ [global] log_path = ./log/kni/kni.log log_level = 10 -tfe_node_count = 1 -local_eth = enp8s0 +tfe_node_count = 3 tfe_data_recv_thread_num = 8 +manage_eth = eth0 #keepalive_replay: window update replay keepalive_replay_switch = 1 +[tfe0] +enabled = 1 +mac_addr = fe:65:b7:03:50:bd +dev_eth_symbol = eth7 +ip_addr = 192.168.10.38 + +[tfe1] +enabled = 1 +mac_addr = fe:65:b7:03:50:bd +dev_eth_symbol = eth8 +ip_addr = 192.168.10.39 + +[tfe2] +enabled = 1 +mac_addr = fe:65:b7:03:50:bd +dev_eth_symbol = eth9 +ip_addr = 192.168.10.40 + +[tfe_cmsg_receiver] +listen_eth = eth0 +listen_port = 2475 + +[watch_dog] +listen_eth = eth0 +listen_port = 2476 +keepalive_switch = 1 +keepalive_idle = 2 +keepalive_intvl = 1 +keepalive_cnt = 3 + [maat] #readconf_mode: 0 = iris, 1 = json, 2 = redis -readconf_mode = 2 +readconf_mode = 1 tableinfo_path = ./conf/kni/maat_tableinfo.conf maatjson_path = ./conf/kni/maat_test.json redis_ip = 192.168.10.120 
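Review bot: The `/* no extensions */` early return in `ssl_chello_parse` now fires for every protocol version, so a ClientHello that ends right after the compression methods returns `CHELLO_PARSE_SUCCESS` with nothing the extension parser would have set, and the new comment does not say that. I would spell it out, e.g. `/* no extensions block (allowed up to TLS 1.2): return with extension-derived fields unset */`, so callers that match on the server name know they must handle an empty one; whether they do is not visible here. The hunk also removes the SSL 3.0 branch that returned `CHELLO_PARSE_INVALID_FORMAT` for trailing bytes, so such a hello now falls through to the `pos + 2 > buff_len` check and the extension parser; that looks intended but belongs in the commit message. The function starts and ends outside the hunk, so the bounds check ahead of `buff[pos]` cannot be confirmed from here.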
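Review bot: `readconf_mode = 1` switches the shipped config from redis to the JSON file named by `maatjson_path`, which is `./conf/kni/maat_test.json`, so a deployment that copies this file as-is would take its intercept rules from a test fixture. If the setting is only meant for local testing, say so next to it, e.g. `#readconf_mode = 1 is for local testing with maat_test.json; production uses 2 (redis)`. The three `[tfeN]` sections also carry the same `mac_addr` (`fe:65:b7:03:50:bd`) with different `ip_addr` values; if that is intentional, a one-line comment would stop it being read as a copy-paste slip.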
@@ -17,50 +47,24 @@ redis_port = 6390 redis_index = 4 tablename_intercept_ip = PXY_INTERCEPT_IP tablename_intercept_domain = PXY_INTERCEPT_DOMAIN -compile_alias = COMPILE_ALIAS #default_action: 0x80 = bypass, 0x02 = intercept default_action = 128 +[send_logger] +switch = 0 +kafka_topic = SESSION-RECORD-LOG +kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092 + [marsio] appsym = knifw dev_vxlan_symbol = vxlan_user src_mac_addr = 00:0e:c6:d6:72:c1 -[tfe0] -enabled = 1 -mac_addr = fe:65:b7:03:50:bd -dev_eth_symbol = ens1f5 -ip_addr = - -[tfe1] -enabled = 1 -mac_addr = fe:65:b7:03:50:bd -dev_eth_symbol = eth8 -ip_addr = - -[tfe2] -enabled = 1 -mac_addr = fe:65:b7:03:50:bd -dev_eth_symbol = eth9 -ip_addr = - -[field_stat] -stat_path = ./fs2_kni.status - -[send_logger] -switch = 1 -kafka_topic = SESSION-RECORD-LOG -kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092 - [kafka] queue.buffering.max.messages = 1000000 topic.metadata.refresh.interval.ms = 600000 security.protocol = MG -[tfe_cmsg_receiver] -listen_eth = enp8s0 -listen_port = 2475 - [traceid2pme_htable] mho_screen_print_ctrl = 0 mho_thread_safe = 1 @@ -80,10 +84,5 @@ mho_hash_max_element_num = 640000 mho_expire_time = 0 mho_eliminate_type = LRU -[tfe_mgr] -keepalive_switch = 1 -keepalive_idle = 2 -keepalive_intvl = 1 -keepalive_cnt = 3 -keepalive_listen_eth = -keepalive_listen_port = 2476 \ No newline at end of file +[field_stat] +stat_path = ./fs2_kni.status \ No newline at end of file diff --git a/conf/maat/maat_tableinfo.conf b/conf/maat/maat_tableinfo.conf index f6f480a..8931b5a 100644 --- a/conf/maat/maat_tableinfo.conf +++ b/conf/maat/maat_tableinfo.conf @@ -1,5 +1,4 @@ 1 PXY_INTERCEPT_COMPILE compile escape -- 2 PXY_INTERCEPT_GROUP group -- 3 PXY_INTERCEPT_IP ip -- -4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0 -5 COMPILE_ALIAS compile escape -- \ No newline at end of file +4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0 \ No newline at end of file 
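Review bot: `[send_logger] switch` goes from 1 to 0 in this hunk without a comment, which appears to turn off the SESSION-RECORD-LOG feed to Kafka in the sample config. On a box that intercepts traffic the session record is the audit trail, so I would either keep the default at 1 or document the values the way the file already does for `default_action`, e.g. `#switch: 0 = do not send session records, 1 = send to kafka` (meaning inferred from the key names, please confirm).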
diff --git a/conf/maat/maat_test.json b/conf/maat/maat_test.json
index 769d3f7..3180a11 100644
--- a/conf/maat/maat_test.json
+++ b/conf/maat/maat_test.json
@@ -5,8 +5,7 @@
 {
 "compile_id": 0,
 "service": 1,
- "action": 1,
- "table_name": "COMPILE_ALIAS",
+ "action": 2,
 "do_blacklist": 1,
 "do_log": 1,
 "effective_rage": 0,
diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp
index 661ba14..8c79076 100644
--- a/entry/src/kni_entry.cpp
+++ b/entry/src/kni_entry.cpp
@@ -362,7 +362,7 @@ static int log_generate(struct pme_info *pmeinfo, void *local_logger){
 ret = kni_send_logger_sendlog(g_kni_handle->send_logger, log_msg, strlen(log_msg));
 if(ret < 0){
 FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
- KNI_LOG_ERROR(local_logger, "Failed at knisend_logger_sendlog, ret is %d, strem_traceid is %s",
+ KNI_LOG_ERROR(local_logger, "Failed at sendlog_to_kafka, ret is %d, strem_traceid is %s",
 ret, pmeinfo->stream_traceid);
 goto error_out;
 }
@@ -1760,7 +1760,7 @@ extern "C" int kni_init(){
 char log_path[KNI_PATH_MAX] = "";
 int tfe_node_count = 0;
 int tfe_data_recv_thread_num = -1;
- char local_eth[KNI_SYMBOL_MAX] = "";
+ char manage_eth[KNI_SYMBOL_MAX] = "";
 struct kni_send_logger *send_logger = NULL;
 struct kni_field_stat_handle *fs_handle = NULL;
 int id = -1;
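Review bot: The rewritten message in `log_generate` keeps the typo `strem_traceid`; since the line is being touched anyway it could read `"Failed at sendlog_to_kafka, ret is %d, stream_traceid is %s"`. The message now names `sendlog_to_kafka` while the call that failed is `kni_send_logger_sendlog`, which makes the log line harder to trace back to the code; naming the actual function alongside would help. `log_generate` starts and ends outside the hunk.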
@@ -1801,15 +1801,15 @@ extern "C" int kni_init(){
 goto error_out;
 }
 ret = MESA_load_profile_int_def(profile, section, "tfe_data_recv_thread_num", &tfe_data_recv_thread_num, 1);
- ret = MESA_load_profile_string_nodef(profile, section, "local_eth", local_eth, sizeof(local_eth));
+ ret = MESA_load_profile_string_nodef(profile, section, "manage_eth", manage_eth, sizeof(manage_eth));
 if(ret < 0){
- printf("MESA_prof_load: local_eth not set, profile is %s, section is %s", profile, section);
+ printf("MESA_prof_load: manage_eth not set, profile is %s, section is %s", profile, section);
 goto error_out;
 }
 ret = MESA_load_profile_int_def(profile, section, "keepalive_replay_switch", &keepalive_replay_switch, 1);
 KNI_LOG_ERROR(local_logger, "MESA_prof_load, [%s]:\n log_path: %s\n log_level: %d\n tfe_node_count: %d\n"
- "tfe_data_recv_thread_num: %d\n local_eth: %s\n keepalive_replay_switch: %d",
- section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, local_eth, keepalive_replay_switch);
+ "tfe_data_recv_thread_num: %d\n manage_eth: %s\n keepalive_replay_switch: %d",
+ section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, manage_eth, keepalive_replay_switch);
 g_kni_handle = ALLOC(struct kni_handle, 1);
 g_kni_handle->local_logger = local_logger;
 g_kni_handle->tfe_data_recv_thread_num = tfe_data_recv_thread_num;
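Review bot: Reading `manage_eth` with `MESA_load_profile_string_nodef` and no fallback means an existing kni.conf that still sets `local_eth` now fails `kni_init` at startup. If older configs have to keep working, retry the old key before giving up: `if(ret < 0){ ret = MESA_load_profile_string_nodef(profile, section, "local_eth", manage_eth, sizeof(manage_eth)); }`. The failure is also reported with `printf` and no trailing newline although `local_logger` is used a few lines below; `KNI_LOG_ERROR(local_logger, "MESA_prof_load: manage_eth not set, profile is %s, section is %s", profile, section);` would put it in the same log as the rest. The return value of the preceding `MESA_load_profile_int_def` call is overwritten unchecked, and `kni_init` continues outside the hunk.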
@@ -1846,16 +1846,16 @@ extern "C" int kni_init(){ g_kni_fs_handle = fs_handle; //init local_ipv4 - ret = kni_ipv4_addr_get_by_eth(local_eth, &(g_kni_handle->local_ipv4)); + ret = kni_ipv4_addr_get_by_eth(manage_eth, &(g_kni_handle->local_ipv4)); if(ret < 0){ - KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", local_eth); + KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", manage_eth); goto error_out; } //init kni_send_logger send_logger = kni_send_logger_init(profile, local_logger); if(send_logger == NULL){ - KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", local_eth); + KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", manage_eth); goto error_out; } g_kni_handle->send_logger = send_logger; diff --git a/entry/src/kni_maat.cpp b/entry/src/kni_maat.cpp index 701623b..ccd957c 100644 --- a/entry/src/kni_maat.cpp +++ b/entry/src/kni_maat.cpp @@ -68,7 +68,6 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){ char tableinfo_path[KNI_PATH_MAX]; char tablename_intercept_ip[KNI_SYMBOL_MAX]; char tablename_intercept_domain[KNI_SYMBOL_MAX]; - char compile_table[KNI_SYMBOL_MAX]; char maatjson_path[KNI_PATH_MAX]; char redis_ip[INET_ADDRSTRLEN]; int redis_port; @@ -104,8 +103,8 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){ goto error_out; } KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_ip: %s\n tablename_intercept_domain: %s\n" - "compile_table: %s\n default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip, - tablename_intercept_domain, compile_table, g_maat_default_action); + "default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip, + tablename_intercept_domain, g_maat_default_action); feather = Maat_feather(g_iThreadNum, tableinfo_path, logger); handle = ALLOC(struct kni_maat_handle, 1); handle->feather = feather; 
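Review bot: `KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", manage_eth);` passes `manage_eth` to a format string that has no conversion specifier; the rename carried the stray argument over instead of removing it. It is probably harmless at run time if the macro forwards to a printf-style function, but it draws a format warning and suggests the interface name matters to this failure, which it does not. Drop it: `KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger");`. `kni_init` starts and ends outside the hunk.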
diff --git a/entry/src/tfe_mgr.cpp b/entry/src/tfe_mgr.cpp
index 09c5793..131ddce 100644
--- a/entry/src/tfe_mgr.cpp
+++ b/entry/src/tfe_mgr.cpp
@@ -289,7 +289,7 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
 mgr->logger = logger;
 int ret;
 //load keepalive conf
- char section[KNI_SYMBOL_MAX] = "tfe_mgr";
+ char section[KNI_SYMBOL_MAX] = "watch_dog";
 MESA_load_profile_int_def(profile, section, "keepalive_switch", &(mgr->keepalive_switch), 0);
 KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_switch: %d", section, mgr->keepalive_switch);
 if(mgr->keepalive_switch == 0){
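Review bot: Because `keepalive_switch` is read with `MESA_load_profile_int_def(..., 0)`, a config that still uses the old `[tfe_mgr]` section silently yields `keepalive_switch = 0` once the section name becomes `watch_dog`, so the TFE keepalive appears to be switched off with no error. Either fall back to the old section when the key is absent, e.g. `if(MESA_load_profile_int_nodef(profile, section, "keepalive_switch", &(mgr->keepalive_switch)) < 0){ MESA_load_profile_int_def(profile, "tfe_mgr", "keepalive_switch", &(mgr->keepalive_switch), 0); }`, or log clearly that `[watch_dog]` was not found. What the `keepalive_switch == 0` branch does lies outside the hunk, so the exact effect should be confirmed there.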
@@ -309,17 +309,17 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
 MESA_load_profile_int_def(profile, section, "keepalive_idle", &keepalive_idle, 2);
 MESA_load_profile_int_def(profile, section, "keepalive_intvl", &keepalive_intvl, 1);
 MESA_load_profile_int_def(profile, section, "keepalive_cnt", &keepalive_cnt, 3);
- ret = MESA_load_profile_string_nodef(profile, section, "keepalive_listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth));
+ ret = MESA_load_profile_string_nodef(profile, section, "listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth));
 if(ret < 0){
 KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_eth not set, profile is %s, section is %s", profile, section);
 goto error_out;
 }
- ret = MESA_load_profile_int_nodef(profile, section, "keepalive_listen_port", &keepalive_listen_port);
+ ret = MESA_load_profile_int_nodef(profile, section, "listen_port", &keepalive_listen_port);
 if(ret < 0){
 KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_port not set, profile is %s, section is %s", profile, section);
 goto error_out;
 }
- KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n keepalive_listen_eth: %s\n keepalive_listen_port: %d",
+ KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n listen_eth: %s\n listen_port: %d",
 section, keepalive_idle, keepalive_intvl, keepalive_cnt, keepalive_listen_eth, keepalive_listen_port);
 ret = kni_ipv4_addr_get_by_eth(keepalive_listen_eth, &keepalive_listen_ip);
 if(ret < 0){
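Review bot: The two unchanged error messages still say `keepalive_listen_eth not set` and `keepalive_listen_port not set`, but the keys read are now `listen_eth` and `listen_port`, so an operator following the message would add a key the code no longer looks for. Name the new keys instead, e.g. `"MESA_prof_load: listen_eth not set, profile is %s, section is %s"` and the same for `listen_port`. `listen_port` is also used as loaded, with no range check visible in this hunk; if none exists further down, reject values outside 1-65535 before binding. `tfe_mgr_init` starts and ends outside the hunk.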